package charlie.shop.web;

import com.charlie.beans.Users;
import com.charlie.db.DAOLocal;
import com.charlie.sessions.CartLocal;
import com.charlie.sessions.UsersFacadeLocal;
import java.io.IOException;
import java.util.List;
import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Provides signing in
 *
 * @author Vitaliy Mostipaka <imprtat@gmail.com>
 */
@WebServlet(name = "SignInServlet", urlPatterns = {"/signin", "/logout"})
public class SignInServlet extends HttpServlet {

    @EJB
    private UsersFacadeLocal usersFacade;
    @EJB
    private DAOLocal dao;

    /**
     * Processes requests for both HTTP
     * <code>GET</code> and
     * <code>POST</code> methods.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        getServletContext().getRequestDispatcher("/signin.jsp").forward(request, response);
    }

    /**
     * Handles the HTTP
     * <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        if (request.getServletPath().equals("/logout")) {
            HttpSession session = request.getSession();
            if (session != null) {
                session.invalidate();
            }
            response.sendRedirect(request.getContextPath());
            return;
        }
        processRequest(request, response);
    }

    /**
     * Handles the HTTP
     * <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        HttpSession session = request.getSession(true);
        if (session.getAttribute("user") == null) {
            int error = 0;
            String email = (String) request.getParameter("email");
            String password = (String) request.getParameter("password");

            if (email == null || password == null) {
                error = 1;
            } else {
                Users user = usersFacade.findByEmailAndPassword(email, password);
                if (user != null) {
                    switch (user.getUserStatus()) {
                        case 0:
                            error = 3;
                            break;
                        case 1:
                            session.setAttribute("user", user);
                            CartLocal cart = (CartLocal) session.getAttribute("cart");
                            if (cart != null) {
                                cart.setUser(user);
                            }
                            List<String> PRolesList = dao.getUserPersonalRolesByEmail(user.getEmail());
                            PRolesList.addAll(dao.getUserGroupRolesByEmail(user.getEmail()));
                            session.setAttribute("UserRoles", PRolesList);
                            if (session.getAttribute("PageToRedirect") == null) {
                                response.sendRedirect(request.getContextPath());
                            } else {
                                response.sendRedirect(session.getAttribute("PageToRedirect").toString());
                            }
                            return;
                        case 2:
                            error = 4;
                            break;
                    }
                } else {
                    error = 2;
                }
            }
            request.setAttribute("error", error);
        }

        response.setContentType("text/html;charset=UTF-8");
        processRequest(request, response);
    }
}
